Khoj can index local notes and external sources, then expose agent and automation features. This document covers securing data connectors, identity, API keys, and background automation channels.
¶ 1) Harden Authentication and Access Boundaries
- Set strong
KHOJ_ADMIN_PASSWORD (minimum 16 characters, mixed case, numbers, symbols)
- Change default admin credentials immediately after first login
- Use unique admin email (not publicly associated with your organization)
- Enable 2FA if available in future releases
- Enforce authentication for all non-public deployments
- Use reverse proxy with TLS (HTTPS) for all web access
- Apply security headers (HSTS, CSP, X-Frame-Options, etc.)
- Restrict admin features to trusted users only
- Disable unused login methods
- Set
KHOJ_ALLOWED_DOMAIN when using load balancer/reverse proxy
- Store all API keys in secret management (not in version control)
- Rotate keys/tokens on a regular schedule
- Use separate API keys for development and production
- Monitor API key usage for anomalies
¶ 2) Secure Indexed Data and Connectors
| Data Source |
Security Considerations |
| Local Files |
Ensure file permissions restrict access to Khoj user only |
| Notion |
Use dedicated integration token with minimal scopes |
| Obsidian |
Sync only necessary vaults, exclude sensitive notes |
| Emacs |
Restrict indexed org files to non-sensitive content |
- Apply least privilege to document source connectors
- Keep OAuth/client secrets in secret management, not static config files
- Define clear retention policy for indexed content and embeddings
- Separate personal and organization knowledge stores
- Regularly audit indexed documents for sensitive data exposure
- Consider data classification before indexing
- Change default PostgreSQL password (
POSTGRES_PASSWORD)
- Restrict database access to Docker network only
- Use strong
KHOJ_DJANGO_SECRET_KEY for session encryption
- Enable PostgreSQL logging for audit trails
- Regular database backups with encryption at rest
¶ 3) Control Agent and Scheduled Automation Risk
- Review enabled tools before allowing autonomous actions
- Run automations with minimal system privileges
- Set explicit boundaries for agent actions
- Log all agent decisions and tool invocations
- Require human approval for high-impact actions
Khoj uses Terrarium (self-hosted) or E2B (cloud) for code execution:
| Option |
Security Considerations |
| Terrarium (Default) |
Self-hosted sandbox, isolated via Docker, review code before execution |
| E2B |
Cloud-based sandbox, data leaves your network, review E2B privacy policy |
Recommendations:
- Log all code execution requests
- Review generated code before running
- Restrict code execution to trusted users
- Monitor resource usage during execution
- Log schedule execution and results
- Set timeouts for long-running tasks
- Cancel stalled jobs automatically
- Review automation outputs before distribution
- Limit automation frequency to prevent abuse
- Always use
localhost (not 127.0.0.1) to avoid CSRF errors
- Set
KHOJ_ALLOWED_DOMAIN when using reverse proxy
- Keep
KHOJ_DJANGO_SECRET_KEY secure and unique
- Khoj validates user input server-side
- Still sanitize inputs before syncing sensitive documents
- Review indexed content periodically
- Use trusted model providers
- Validate model responses for sensitive data leakage
- Monitor for prompt injection attempts
- Set content filters where available
¶ 5) Maintain Security Hygiene
- Update Khoj regularly:
docker-compose pull && docker-compose up -d
- Monitor GitHub releases for security patches
- Patch underlying OS and Docker regularly
- Update client plugins (Obsidian, Emacs) promptly
| What to Monitor |
Why |
| Failed login attempts |
Detect brute force attacks |
| API errors |
Identify potential attacks or misconfigurations |
| Queue depth |
Detect resource exhaustion |
| Model inference latency |
Identify performance issues |
| Tool call logs |
Audit agent behavior |
| Connector activity |
Track data access patterns |
- Document security incident response procedures
- Know how to quickly disable external access
- Have rollback plan for bad updates
- Maintain offline backups of critical data
- 🌐 Khoj Documentation: https://docs.khoj.dev/
- 🌐 Khoj Source Repository: https://github.com/khoj-ai/khoj
- 🌐 Khoj Security Issues: https://github.com/khoj-ai/khoj/issues
- 📄 AGPL-3.0 License: https://www.gnu.org/licenses/agpl-3.0.html
Any questions?
Feel free to contact us. Find all contact information on our contact page.